A Research And Design Of The Secure Storaged USB Device Controller Based On FPGA

Due to its good accessibility, portability and low cost characteristics, the traditional USB(Universal Serial Bus) memory has become one of the most popular storage devices. However,USB storage device cannot effectively protect the stored data. Aiming at the security threatsmentioned above, a security USB2.0device controller based on field programmable gate array(FPGA) is researched on in this paper, which could effectively protect the data of the USBmemory.This paper proposes the architecture of a security USB device controller based on FPGA, thesecurity mechanisms of the secure USB device controller are implemented based on hardwaredesign technology. On the one hand, the state machine is designed to control the implementationof the authentication protocol for the security device controller, and its function will strictlyimplement. So the authentication will be mandatory achieved, which will resist the securitythreats called reverse engineering attack and the authentication mechanisms bypassing attack thatthe the firmware faces when it implements the authentication protocol. Moreover, the statemachine will produce the effective signal to enable the bulk transmission function of the device;On the other hand, the stored data as the main protected object uses the directed encrypt andtransport mechanism that provides real-time, transparent and mandatory encryption protection,while it can improve the performance of the transmission and the encryption.This paper proposes a new type authentication protocol based on the inherent safetystandards of the USB communication protocol foe the removable USB memory. First, theauthentication ensures the legitimacy of the identity of the device and the host which wanttransmission communicate, the illegal device or host cannot communication with the legitimatehost or device. Secondly, the legal device should be to identify the user who requires the datatransmission, this will resist the internal staff to steal others’ private data stored in the legitimatedevice. In this paper, low-cost authentication protocol based on the hash function is given, andthe authentication protocol can improve the efficiency of the host to identify the identity of thedevice.This paper designs the hardware architecture of the XTS-AES (XEX Tweak Steel AES)cipher algorithm that has the wheel-computing module of AES that shares the hardware, andoptimizes and implements the encryption and decryption unit. The result of the synthesis on the90nm technology shows it only consuming10%hardware resources equivalent to the otherXTS-AES core, but its processing performance fully meets the requirement of the USB2.0high-speed data transmission. The XTS-AES algorithm based on ECB mode uses the input calledjustable value to protect vast amounts of data which could not change the key, which reducesthe difficulty of key management for the security equipment, and the algorithm ensure theindependence of the data blocks which supports random access to the encrypted data for the systemFinally, this paper implements the design of the key module of the security USBdevice controller, and finishes the simulation and synthesis optimization of the key module basedon FPGA. After verifying the function of the major functional modules, we build the FPGAverification platform of the security USB device controller for system-level verification. Theverification results results show that the device controller can realize the transfer transaction forthe USB storage, and mandatory realize the authentication and encryption mechanisms of thesecurity device controller.